Windows 10 Features and Navigation – December 1, 2015

Steve Fullmer

3 years ago

In this recorded Windows 10 webinar from December 1,2015, Windows Instructor Steve Fullmer presents the navigation and some of the new features associated with Windows 10 including Sysinternals Tools for Windows Client, Windows core concepts, exploring Process Explorer as well as some of the features that are not yet ready for prime time but will be released shortly in the future with Windows 10. For more, see our Windows 10 Blogs that Steve referenced in the video webinar.

Steven M. Fullmer, PMP, MBA, MCT/CTT+, CDP Steven has a global reputation as a project manager, chief technology officer, and computer systems innovator. He has authored more than 100 articles and a dozen courses in the fields of project management, productivity, business analysis, and computer technology. He has more than thirty years of professional design and project management experience in finance and high technology firms. He is founder and president of Blue Sphere Solutions, a technology project consultancy as well as a staff instructor for Interface Technical Training.

The first module’s an introduction to the navigation and some of the new features associated with Windows 10, as well as some of the features that are not yet ready for prime time, but will be released shortly in the future with Windows 10.

The second module talks about core components. Elements like managing and deploying Windows 10 in the enterprise, including enhancements to Active Directory and other security and management features enabled in the enterprise environment with the Enterprise version of Windows 10.

The third module talks about exploring Process Explorer, which really is more about the hardware and software enhancements to security and security implementations with Windows 10.

Lesson 1: Introduction to Windows 10

Overview of New Windows 10 Features that Increase Business Productivity

New Features of Windows 10

Windows 10 Features not Available with the Initial Release

Demonstration: Exploring the new User Interface (UI) of Windows 10

This introductory module, Module 1, will show Windows 10 navigation and some of the requirements that you’ll have with Windows 10. Windows 10 is really more of an innovation than it is a new invention. Actually, I think it’s more of an evolution than even an innovation.

Microsoft has taken some of the best features that they identified with Windows Vista, which is really an experiment in the development of a new operating system kernel and shells.

Windows 7 took us far more robustly into that, including deployment of and enforcement of digitally signed drivers. Digital certificates were introduced with Windows 7, but they’re now enforced in Windows 8 and Windows 10 to enhance the security aspects of the system.

We’re also going to take some of the features introduced in Windows 8 and 8.1, including the ability to support touch screens like desktops or tablets and mobile devices with Windows 10.

With Windows 10, we have one common environment that crawls across all of those different platforms, deployed and managed with a common toolset that supports both mobile devices with Windows Phone, tablets, desktops, and all of the other variety of hardware platforms in between. There will be one common platform, and there will be constraints, but they’re minor.

For instance, some of the more robust applications that might run on your desktop won’t run the same on a phone. It’s about screen size and screen real estate. Other than that, Windows 10 is one common platform across all these devices.

We’re going to start here with an introduction to some of the different features and navigation associated with Windows 10.

Before we get underway, we’re talking about Windows 10 and new features of Windows 10. Microsoft has introduced some terminology associated with some of the new features. As an instructor of CompTIA for both A+ and Security+ Technologies [http://www.interfacett.com/technology/comptia-a-certification-training/], some of the terminology that Microsoft introduced is not necessarily industry specific. It’s their interpretation and their implementation.

To make that clear, as we talk about some of the new features, I’m going to give you a little bit of that background that’ll help you as you take a look at some of the terminologies you’ll find in documentation associated with Windows 10 releases.

The first of these terminologies is what is called “Windows Hello.”

Windows Hello has new functions and features that Microsoft is embedding in Windows 10 that have to do with biometric identification, facial recognition, fingerprint or hand print, also iris and/or retinal scans.

Microsoft started to introduce the technology in the device drivers that are digitally signed to support that kind of identification and authentication in Windows 7. They’ve enhanced it in Windows 8. They’re even going further in Windows 10.

It’s a part of their sign‑in features that include “Windows Passport.”

Windows Passport is a new technology that automatically, or is designed to automatically encourage and enforce at least two‑factor, if not three‑factor authentication.

The combination of a login ID, a password, or a PIN, along with multifactor authentication that includes elements like Windows Hello, as well as other features like tokens, like a USB card, or a proximity card, Near Field Communications as we go to portable devices.

Let me describe FIDO a little bit because it’s not really a Microsoft technology. FIDO is an open‑source technology that’s becoming prominent in the mobile device industry, primarily supported by the financial industry.

Think about the phones that you’ve got that you go to make a payment, whether it’s at Starbucks or a restaurant, where effectively your device is a digital token that you apply your fingerprint or some other PIN to be able to identify yourself for financial payments. That’s what FIDO is all about. FIDO was essentially an open‑source alliance that stands for Fast ID Online.

Microsoft is incorporating the ability to use any of the FIDO technologies into their Windows Passport solutions. It doesn’t have to be a Microsoft solution, you can use some of the open‑source content with Windows Passport, as well as Hello and some of the other features that Microsoft is introducing.

DLP (Data Leakage Prevention)

Moving on to a couple of other terms. Typically, when we see DLP, as a Security+ expert, we talk about Data Loss Prevention. But Microsoft is using the term a little bit more robustly, where we might talk about Data Leakage Prevention.

From a security perspective, we talk about the concept of data being protected In-Place, In Use or In‑Transit.

IN-PLACE:

This is the kind of security that we put on to a hard drive. Microsoft has been providing that for some time with tools like BitLocker so that you can encrypt your data in‑place. We also have encryption solutions that are network‑based or storage array networks, et cetera. That would be in‑place.

IN-USE:

The In‑Use solutions include things like anti‑virus solutions like Windows Defender, anti‑spyware solutions whether they’re by Microsoft or other vendors, pop‑up blockers that prevent your system from being attacked or hacked while you are using the operating system or applications.

Other features that are considered to be In-Use include certain drivers or application elements cannot be loaded and used as executables by the operating system, unless they have for instance the Data Execution Prevention bit, the NX bit turned on.

Microsoft went further in Windows 7 and Windows 8 to protect your operating system by digitally signing with operating system and drivers components. This assures that no component of your system that’s not digitally signed or accurate will be run as an executable. That’s an in‑use enhancement of your system.

That could be data loss or even data leakage. Data leakage is the concept that your intellectual property from your business is getting out and looked at by other people who don’t have or shouldn’t have access to it.

IN-TRANSIT:

The most common place for data leakage to occur is its transit across the network. The Internet network, as well as the internal network. Consider those hackers that are trying to look at packets as they’re transiting the network.

Data leakage is them looking at it. You don’t want that to happen. IPsec enabled in Windows 7, Windows 8 and Windows 10 is a component of that data leakage, but it’s not all. Microsoft’s added more to what they talk about when they say DLP. You’ll see that terminology through some of my demos. Some of what Rick and/or Mike talks about, so I want you to get that overview of the terminology first.

Another concept as well is “BYOD,” Bring Your Own Device. One of the issues, this is not so much for Microsoft as it is my background in security and teaching the security course [http://www.interfacett.com/training/sec155-security-certification-skills/] many employees want to bring their own laptops or tablets, their own cellphones to work.

The ability of those devices to attach to your systems to get intellectual, property, to have it reside or transit on their system is consistently and constantly increasing.

The challenge with that is this recent study suggests that about 15 percent of all employees don’t believe that their employers have any right to touch or add components to their systems in order to protect that intellectual property.

As a matter of fact, an even larger percentage don’t believe that there’s any true issue with the use of their own devices because they’re careful, or their devices won’t get in the hands of other malicious people, et cetera.

There is an issue today with Bring Your Own Device (BYOD). Microsoft, rather than supporting that, is supporting a concept called Choose Your Own Device (CYOD).

CYOD is effectively where the employer is providing a set of devices with pre‑installed security settings, with pre‑installed intellectual property controls on them, so that the end user, the employee gets some choice in what they’re picking, but only as long as it’s compliant with company policy.

This also includes the concept of, Remote Wipe of data or Remote Wipe of lost or stolen equipment. Microsoft’s taken this Bring Your Own Device into the Choose Your Own Device environment, so you’ll see a lot of the CYOD vs BYOD.

Mobile Device Management (MDM) or Over the Air (OTA):

We’re talking about the ability to manage devices through cell carriers, through WiFi, through Bluetooth, through Near Field Communication. Such that devices now have the ability to transmit data through all of those different mediums.

Remember when we talk about that data leak prevention, we’re also talking about the ability of somebody to capture your packets as they transit.

We, therefore, want to take a look at solutions from security perspective that help us manage our devices, that includes Remote Wipe. That includes the ability to identify or authenticate who it is that’s connecting to us in this over the air wireless kind of technology to grab the data.

Microsoft’s add a lot of technology in the Windows 10 platform to be able to help us secure our systems using not only Microsoft, but third‑party Mobile Device Management (MDM) solutions. Microsoft supports numerous open‑source or third‑party applications to do that.

That covers the high‑level overview of communication. As we go through the actual demonstration, I’ll talk about other things like Virtualization‑Based Security as well as Configurable Code Integrity (CCI).

CCI is the management of digital credentials and how Microsoft plans to move forth with them.

Credential Guard, is a Group Policy solution that Rick Trader will cover in the next module, and Device Guard, which is about digital certificates, controlling devices that act like token or token carriers, including the use of a Trusted Platform Module version 2.0, which should be on your motherboard and be able to support some of the advanced features of Windows 10.

Windows 10 Business Features:

Let’s take a look at some of the new business features that Microsoft is adding that are specific to either the Professional or Enterprise versions of Microsoft Windows 10.

Previously, I discussed Microsoft Hello and Microsoft Passport, as well as Windows Biometrics. You have those under some of the protection against some of the modern security threats.

We also have mobile and desktop support with Universal Office and Office Desktop, Intune, Azure, and other Cloud services that are out in the market.

Mike Dansgleio will go into the details regarding Device Guard in Windows 10. That’s the ability to control our devices using security certificates on the Trusted Platform Module 2.0

We talked about mobile device management, and that some of that’s necessary, and it needs to be supported through a group policy, and/or Active Directory in your Enterprise Environment. There will definitely be enhancements or upgrades you’re going to have to make to Active Directory and Group Policy to support some of the new features of Windows 10.

We talked about In‑Place Upgrades. Microsoft has a new model, there are not going to be anymore versions Windows 10 is it.

If you take a look at some of the other operating system providers out there, whether it’s Android, Apple, or others, they’re all going to a single operating system where you’re getting full release upgrades of that that have been thoroughly tested and are fully integrated with additional functions and capabilities.

If you go to Windows 10, that’s the same model that Microsoft is going to provide you. We’re talking about in‑place upgrade without those regular patches and updates that you had to test. Microsoft’s going to test that, and you’re going to move forward, full roll up by roll up.

We talked about Azure and Active Directory a little bit as some of the requirements to support it. That’s Could‑based management. Cloud to base deployment of your settings, configuration settings and your management of devices.

Windows As A Service is part of how Microsoft’s talking about the deployment of the software that’s out there so that they get the updates through the Cloud. You don’t have to use your own Windows Update Server, but you can if you want to.

Universal Applications. Microsoft Windows 10 supports both the Microsoft Modern Apps, those desktop icons that you got in Windows 8 and 8.1, as well as all of the support for Legacy Applications in your standard desktop apps supported under Windows 10.

Microsoft Office has been upgraded. You could do Office 365 through the Cloud, or you can get new versions of Office that work across multiple Windows 10 platforms.

We have Internet Explorer 11, and we have the new Edge Browser that’s natively deployed with Windows 10 as well. We’ll be demonstrating that as we go through the new interface that’s present in Windows 10.

We also have support for additional kinds of devices. Remember, we said one platform across all of them. There are new devices specifically designed to support some of the Microsoft Windows 10 touchscreen and/or secure environments, including the surface Lumia and some of the hollow lens types of devices support new functionality with Windows 10.

We now have the One Developer Platform, not just the one operating system platform. That means that developers can develop applications that cross all of the Windows 10 different device environments for us. Windows as a service is part of their deployment as we said, and the code from your Legacy systems will still work.

If we take a look at, and this is part of what Rick Trader will go into in his Module 2 presentation, is the ability to do Enterprise Management of your Windows 10 platform. This includes Active Directory, Azure, Group Policy, System Center Configuration Manager Upgrades. We mentioned that you got third‑party not only for device management, but also for the Mobile Device Management.

Different update solutions including support for some third‑party mobile device deployment solutions, whether they’re on the premise or in the Cloud, and whether you’ve got to Choose Your Own Device (CYOD) or Bring Your Own Device (BYOD) approach.

The third module that you’re going to get from Mike Danseglio is going to cover more detail about some of the different security features of Windows 10, including Windows Hello and Passport, Enterprise Credential Production, which there are things like keeping your entire credential chain, the trusted authority, and any of the other credentials that are under that managed through Active Directory or other solutions, remote management with Azure, Device Guard, Windows Defender, hardware‑based isolation.

Things like being able to identify the location of a missing or misplaced device and/or a remote wipe . Then some of the UFI and other Trusted Platform Module content will be discussed in far more detail.

What I’m going to go into next is the navigation of Windows 10.

I’ll show you some of the interfaces as we navigate through Windows 10’s desktop, but you’ll get more detail about how to implement them, and why you might or might not implement them as we go to Module 2 and Module 3 of the First Look Clinic.

Windows 10 – Coming Attractions

These are features that I’m going to show you. Some of the navigation interfaces ‑‑ we’ve talked a little bit about the functionality ‑‑ three in particular that aren’t quite there yet, that are coming really soon.

One of those is simplified Microsoft Passport deployments. Remember we talked about a Microsoft Passport being that multifactor authentication that uses both the biometrics from Windows Hello, as well as tokens, et cetera.

Well, not all of the components of this, the passport deployment management for certificates and credentials that Microsoft has planned for Windows 10, are there yet for the enterprise deployment. All the components are there, but the full integration’s not, so watch for that to be a coming attraction.

That data leakage prevention that I talked about, Microsoft promotes it heavily as part of Windows 10. Not all of the elements of that data leakage prevention essentially are there yet, as well. Simple components of it, you can implement components of it, but not necessarily an entire suite.

You can do piece by piece of the data leakage prevention, but not necessarily an entire integrated solution at this time.

Finally, they want us to point out to you that the Windows Store, where you can get store applications, they’ve been available for Windows 8. It’s where you can get third‑party device drivers that have been proved and signed by Microsoft. Third‑party, as well as Microsoft approved applications.

With some of the new security features in Windows 10, it’s going to be important for businesses to make sure that the applications they deploy in a Windows 10 environment are fully certified, digitally signed and/or approved by Microsoft so that you can use the full security features of locking down your system, particularly if you choose to implement some of the stronger “Choose your own device” solutions that Microsoft might permit.

Those features are not fully deployed yet with Windows 10, but will be in the coming months.

Windows 10 – Basic Desktop and Navigation

Let’s take a look at the basic desktop and navigation for Windows 10. I have a touchscreen notebook or laptop and so I can either use the keyboard with my touchpad.

I can use a mouse that I’ve got plugged in or I can use the touch screen features of this desktop.

We’re used to, from the past operating systems such as Windows7 and Windows 8 and it’s similar now in Windows 10. I can click that with a mouse, I can tap it with my finger on the screen to be able to bring it up or I can tap the Windows key on my keyboard to bring up and down the menu.

If we take a look at the basic screen layout. We have only the Recycle Bin on the desktop.

If we take a look here in terms of side-swiping we don’t really have Charms, but we have the ability to get certain things like Tablet Mode and Settings.

When in presentation mode you’ll notice I swipe and clear the screen.

We’re used to going to deeper within the charms bar to find my PC settings on Windows 8 and 8.1. Microsoft added that to the start menu in Windows 10. I can click Setting and bring it up.

Here we have the ability to do our System Settings and look at some of our Devices, Network & Internet. You don’t need to go to the Control Panel for this allows us to do things like personalization of our desktop whether the touchscreen, the mouse or our keys.

Some of the hotkeys have been changed a little bit for Windows 10 to facilitate that cross‑platform function when we’ve got mobile devices touchscreen and or desktops.

Let’s go into personalization. I’m going to go and take a look at my screen layout by selecting Personalization.

Background:

Here I can change the background.

Things like I can go in and say I want a slide show and instead of using some of their pictures, I’m going to browse, and I’m going to go and take a look at my pictures folder where I’ve added some desktop layout here to my pictures.

I can change to picture every minute and choose it to fill the screen.

Navigation is pretty easy on the Windows 10 desktop.

I don’t have to click apply. My changes are automatically applies to my desktop.

Colors:

You can do different color schemes here and pick an accent based on what your background is.

You can try to change the color, depth, and colors or you can pick your own.

And choose what’s going to happen when you have a lock screen.

Lock Screen:

What your lock screen picture will look like or the background? Do you want an application that shows status on the screen so if you want an application that is a live update, you’ll want to display that. Other apps that you want, multiple apps like the Windows 8.1 environment, you can do that there.

Themes:

You can change your Windows 10 theme to look at some of the different theme settings that have been available to us in the past from Vista, Windows 7, Windows 8 or other themes that are available that you download from the Internet.

We have this ability to change all of these things pretty easily.

If I click the little gear up here where it says “Personalization”

It’ll take me back to the beginning.

There’s flavors and layers of navigation options here on the Windows 10 desktop based on what you prefer to do. Let me go back personalization here, and go to the start menu.

If I go to the start menu you’ll notice it says useful screen and that’s currently turned off.

If I turn it on then what I’m going to effectively do is go back to the settings that I had. If I minimize that I’m going back to the settings.

If I hit the start menu, anytime I go to the start menu, as opposed to getting pop‑up menu I have, I’m going back to that Windows 8 of 8.1, look and feel where I have all the tiles on my screen.

I can manage these tiles in the same way while they’re here by holding one down and moving it over to adding it to another group. In Windows 8 you could label your groups but it was a little complicated to hold down on it. Now Microsoft had given you a banner at the top where all I have to do is click it and I can change this. I can type “Main apps.”

You can change much more easily what the groupings are and move items back if I want to. I can right‑click or alt‑click on an item.

I can unpin it from the start menu. I can resize it, small, medium, wide, or large.

I can turn live tile off. That means if it’s getting a live update, this tile happens to be a news feed, it won’t be getting the update which will take less data bandwidth.

I can pin it to the taskbar which means it’s down here on my desktop taskbar as well as up there on the start menu. Or I can totally uninstall an application here. Those are additional options that I’ve got.

You’ll note that once I go into this full‑screen menu it looks a little different for navigation. We don’t have the hot corners that we had in Windows 8 or 8.1, but I have this little three platter tile.

If I click that that brings me back to a set of my applications that looks just like the start menu.

I can get back to that start menu without having to go back and forth to my desktop to get there.

It’s just a smoother navigation now that I’m in Windows 10.

The power settings are also available to sleep, shutdown, or restart are right here off at the start menu for me.

They’ve been moving around a lot in Windows 7, Windows 8, Windows 8.1, and the pre‑releases of Windows 10. It’s pretty much locked itself down here on the start menu so you can find it easily.

I can look at, whether I’m here in this full‑screen mode or when I’m back in the not full‑screen mode in terms of my personalization. I can look at all the apps.

It will give me all of the applications that are listed or available on my system in an alphabetical fashion so that I can find them pretty easily.

In addition to doing that I can launch other apps. I’m going to go back to the personalization features that I had previously. Let me go back to my settings.

Let me go to Personalization and just to make it easier, because I prefer not using the full screen.

I come right back to my standard start menu for all apps.

I will point out that you can right or alt‑click on the start menu to get all of your administrative tiles, or features that are there. Such as Task Manager, Control Panel etc…

You’ll note they’re not on “The all apps,” because not all of your standard users need to get to them. But all those functions or tools are there, if you right‑click on your start. This is one of those hot‑keys that they’ve remapped.

If I hold down the Windows key and click x. I come directly to those administrative features that are available.

Typically to the people who are going to manage or administrate either their own system or somebody else’s.

One more thing to show you in terms of basic navigation. I can come up here and where it has Admin

I’m logged into this account with the Admin account. If I click on the Admin account I can change account settings, lock it, or sign out.

Your account:

If I say change account settings. This allows me to go in and this is kind of an introduction to where you could associate your picture, take your camera to do it.

Sign-in options:

I can add additional accounts. This is again those features where we’re tying those account together, passwords and pins. I can change my sign‑in options here.

This is where we can have a sign‑in, a password, a pin, a picture password, or ultimately where we can do Windows hello. Or even some of the more robust security features would be enabled through here if you have the Professional or Enterprise Edition.

Obviously you can push those out through group policy if you desire as well.

Work Access:

Am I connected at work or school? I can join or leave a domain. Join or leave Azure and other functions. With all the different kinds of connectivity we can have from a Windows 10 platform, those can be setup.

It’s a little different than the network profile that we’ve had in Windows 7 and 8, but it’s our ability to configure how we’re doing. If I were in a work or school hookup, this is the concept we used to call Homegroups, are down here as well.

You can still go to the control panel. I can come down here and type “Control” and go to any other applications like we could do through the search.

Any that we had in Windows 7, you can go back and use that to get to the Control Panel or other configuration or application settings as well.

Family & other users:

You can look at family or other so you can add other users to this, are on the version.

Sync your settings:

You can synchronize your settings. This is where you might be synchronizing things with Homegroups and offline files if you are in an Enterprise.

Whether you want to synchronize your settings across multiple different devices. That’s going to be stored in the cloud which means that every device that hooks up,using your Microsoft account, for instance, will be synchronized so you have the same settings on all those different desktops.

And so there you have an overview of some of the basic features and a little bit of a look at some of the different navigation capabilities with Windows 10.